search

guaka / hitchticker

Simple ticker for hitchhikers
http://hitchticker.info/
MIT License
5 stars 2 forks source link

Validate phone numbers #9

Open simison opened 9 years ago

simison commented 9 years ago

Now: http://jackocnr.com/intl-tel-input.html

Instead:

chmac commented 9 years ago

Smart approach. To do it properly it'll need to time out I guess, send an SMS to this number with this code in the next 10 minutes. Maybe not necessary immediately, but good security.

The message should also not be published, so that means incoming messages will need to be filtered for ones which contain codes and ones which don't. Could potentially use a second incoming number, but that might be overly complex as well...

simison commented 9 years ago

second incoming number would be great but costs +5e/month, cheaper to make "delete message" feature. ;-D

simison commented 9 years ago

Actually, this:

  1. User signs up —> we generate a random number
  2. If no mobile number at the DB, show a splash asking to send some code to the app (eg. 4944)
  3. Possible to click "no thanks" and then mark to the DB (or cookie?) not to bug that person anymore
  4. Collect user's phone number when they send SMS to us
  5. Have a button "forget my number" —> generate new random code

or this:

  1. User signs up —> require unique username
  2. ...

But number code is surely easier to get right compared to some weird long username.

UserStefan commented 9 years ago

Don´t know if this helps, but with the old ticker of Philipp the process was:

Send a first SMS with some specific text like "Register Stefan". The ticker automatically registers your number and adds Stefan as your username. All the following messages from your phone will be posted as User Stefan.

guaka commented 9 years ago

not showing a code for me (now, it was showing before) screen shot 2015-04-17 at 22 32 49

simison commented 9 years ago

It's created here: https://github.com/guaka/hitchticker/blob/master/server/users.coffee#L8

Perhaps for those users at Meteor.com it was never created?

That unique function should still test if the ID really is unique. Some while loop checking if random id exists in the DB or not.

UserStefan commented 9 years ago

Can not test it, as im in argentina without cellphone. But i ask Ben.

Athameon commented 9 years ago

Hi, I tested it. I got the code and send 2 SMS to the number. But as you may see, it just post the random number.

It should never post a message from a unregistered user, should it? You add the random number in "user.coffee", but where do you check the message input? I cant find a isequal (or simular, i don't know scripts) from sent text and ’options.profile.phonecode’.

UserStefan commented 9 years ago

Möp. Ben wrote this, i thought it was written by Kasper!!

Guys, gonna go further? Can wen make this till tomorrow?

guaka commented 9 years ago

Unfortunately my laptop is in repair, won't be able to do much. Hope that what's at hitchticker.meteor.com will be usable...

sent from my mobile phone On Apr 28, 2015 4:24 PM, "UserStefan" notifications@github.com wrote:

Möp. Ben wrote this, i thought it was written by Kasper!!

Guys, gonna go further? Can wen make this till tomorrow?

— Reply to this email directly or view it on GitHub https://github.com/guaka/hitchticker/issues/9#issuecomment-97080821.